1<?php 2/** 3 * ACL administration functions 4 * 5 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 6 * @author Andreas Gohr <andi@splitbrain.org> 7 * @author Anika Henke <anika@selfthinker.org> (concepts) 8 * @author Frank Schubert <frank@schokilade.de> (old version) 9 */ 10// must be run within Dokuwiki 11if(!defined('DOKU_INC')) die(); 12 13/** 14 * All DokuWiki plugins to extend the admin function 15 * need to inherit from this class 16 */ 17class admin_plugin_acl extends DokuWiki_Admin_Plugin { 18 var $acl = null; 19 var $ns = null; 20 /** 21 * The currently selected item, associative array with id and type. 22 * Populated from (in this order): 23 * $_REQUEST['current_ns'] 24 * $_REQUEST['current_id'] 25 * $ns 26 * $ID 27 */ 28 var $current_item = null; 29 var $who = ''; 30 var $usersgroups = array(); 31 var $specials = array(); 32 33 /** 34 * return prompt for admin menu 35 */ 36 function getMenuText($language) { 37 return $this->getLang('admin_acl'); 38 } 39 40 /** 41 * return sort order for position in admin menu 42 */ 43 function getMenuSort() { 44 return 1; 45 } 46 47 /** 48 * handle user request 49 * 50 * Initializes internal vars and handles modifications 51 * 52 * @author Andreas Gohr <andi@splitbrain.org> 53 */ 54 function handle() { 55 global $AUTH_ACL; 56 global $ID; 57 global $auth; 58 global $config_cascade; 59 60 // fresh 1:1 copy without replacements 61 $AUTH_ACL = file($config_cascade['acl']['default']); 62 63 64 // namespace given? 65 if($_REQUEST['ns'] == '*'){ 66 $this->ns = '*'; 67 }else{ 68 $this->ns = cleanID($_REQUEST['ns']); 69 } 70 71 if ($_REQUEST['current_ns']) { 72 $this->current_item = array('id' => cleanID($_REQUEST['current_ns']), 'type' => 'd'); 73 } elseif ($_REQUEST['current_id']) { 74 $this->current_item = array('id' => cleanID($_REQUEST['current_id']), 'type' => 'f'); 75 } elseif ($this->ns) { 76 $this->current_item = array('id' => $this->ns, 'type' => 'd'); 77 } else { 78 $this->current_item = array('id' => $ID, 'type' => 'f'); 79 } 80 81 // user or group choosen? 82 $who = trim($_REQUEST['acl_w']); 83 if($_REQUEST['acl_t'] == '__g__' && $who){ 84 $this->who = '@'.ltrim($auth->cleanGroup($who),'@'); 85 }elseif($_REQUEST['acl_t'] == '__u__' && $who){ 86 $this->who = ltrim($who,'@'); 87 if($this->who != '%USER%'){ #keep wildcard as is 88 $this->who = $auth->cleanUser($this->who); 89 } 90 }elseif($_REQUEST['acl_t'] && 91 $_REQUEST['acl_t'] != '__u__' && 92 $_REQUEST['acl_t'] != '__g__'){ 93 $this->who = $_REQUEST['acl_t']; 94 }elseif($who){ 95 $this->who = $who; 96 } 97 98 // handle modifications 99 if(isset($_REQUEST['cmd']) && checkSecurityToken()){ 100 101 // scope for modifications 102 if($this->ns){ 103 if($this->ns == '*'){ 104 $scope = '*'; 105 }else{ 106 $scope = $this->ns.':*'; 107 } 108 }else{ 109 $scope = $ID; 110 } 111 112 if(isset($_REQUEST['cmd']['save']) && $scope && $this->who && isset($_REQUEST['acl'])){ 113 // handle additions or single modifications 114 $this->_acl_del($scope, $this->who); 115 $this->_acl_add($scope, $this->who, (int) $_REQUEST['acl']); 116 }elseif(isset($_REQUEST['cmd']['del']) && $scope && $this->who){ 117 // handle single deletions 118 $this->_acl_del($scope, $this->who); 119 }elseif(isset($_REQUEST['cmd']['update'])){ 120 // handle update of the whole file 121 foreach((array) $_REQUEST['del'] as $where => $names){ 122 // remove all rules marked for deletion 123 foreach($names as $who) 124 unset($_REQUEST['acl'][$where][$who]); 125 } 126 // prepare lines 127 $lines = array(); 128 // keep header 129 foreach($AUTH_ACL as $line){ 130 if($line{0} == '#'){ 131 $lines[] = $line; 132 }else{ 133 break; 134 } 135 } 136 // re-add all rules 137 foreach((array) $_REQUEST['acl'] as $where => $opt){ 138 foreach($opt as $who => $perm){ 139 if ($who[0]=='@') { 140 if ($who!='@ALL') { 141 $who = '@'.ltrim($auth->cleanGroup($who),'@'); 142 } 143 } elseif ($who != '%USER%'){ #keep wildcard as is 144 $who = $auth->cleanUser($who); 145 } 146 $who = auth_nameencode($who,true); 147 $lines[] = "$where\t$who\t$perm\n"; 148 } 149 } 150 // save it 151 io_saveFile($config_cascade['acl']['default'], join('',$lines)); 152 } 153 154 // reload ACL config 155 $AUTH_ACL = file($config_cascade['acl']['default']); 156 } 157 158 // initialize ACL array 159 $this->_init_acl_config(); 160 } 161 162 /** 163 * ACL Output function 164 * 165 * print a table with all significant permissions for the 166 * current id 167 * 168 * @author Frank Schubert <frank@schokilade.de> 169 * @author Andreas Gohr <andi@splitbrain.org> 170 */ 171 function html() { 172 global $ID; 173 174 echo '<div id="acl_manager">'.NL; 175 echo '<h1>'.$this->getLang('admin_acl').'</h1>'.NL; 176 echo '<div class="level1">'.NL; 177 178 echo '<div id="acl__tree">'.NL; 179 $this->_html_explorer(); 180 echo '</div>'.NL; 181 182 echo '<div id="acl__detail">'.NL; 183 $this->_html_detail(); 184 echo '</div>'.NL; 185 echo '</div>'.NL; 186 187 echo '<div class="clearer"></div>'; 188 echo '<h2>'.$this->getLang('current').'</h2>'.NL; 189 echo '<div class="level2">'.NL; 190 $this->_html_table(); 191 echo '</div>'.NL; 192 193 echo '<div class="footnotes"><div class="fn">'.NL; 194 echo '<sup><a id="fn__1" class="fn_bot" name="fn__1" href="#fnt__1">1)</a></sup>'.NL; 195 echo $this->getLang('p_include'); 196 echo '</div></div>'; 197 198 echo '</div>'.NL; 199 } 200 201 /** 202 * returns array with set options for building links 203 * 204 * @author Andreas Gohr <andi@splitbrain.org> 205 */ 206 function _get_opts($addopts=null){ 207 global $ID; 208 $opts = array( 209 'do'=>'admin', 210 'page'=>'acl', 211 ); 212 if($this->ns) $opts['ns'] = $this->ns; 213 if($this->who) $opts['acl_w'] = $this->who; 214 215 if(is_null($addopts)) return $opts; 216 return array_merge($opts, $addopts); 217 } 218 219 /** 220 * Display a tree menu to select a page or namespace 221 * 222 * @author Andreas Gohr <andi@splitbrain.org> 223 */ 224 function _html_explorer(){ 225 global $conf; 226 global $ID; 227 global $lang; 228 229 $dir = $conf['datadir']; 230 $ns = $this->ns; 231 if(empty($ns)){ 232 $ns = dirname(str_replace(':','/',$ID)); 233 if($ns == '.') $ns =''; 234 }elseif($ns == '*'){ 235 $ns =''; 236 } 237 $ns = utf8_encodeFN(str_replace(':','/',$ns)); 238 239 $data = $this->_get_tree($ns); 240 241 // wrap a list with the root level around the other namespaces 242 array_unshift($data, array( 'level' => 0, 'id' => '*', 'type' => 'd', 243 'open' =>'true', 'label' => '['.$lang['mediaroot'].']')); 244 245 echo html_buildlist($data,'acl', 246 array($this,'_html_list_acl'), 247 array($this,'_html_li_acl')); 248 249 } 250 251 /** 252 * get a combined list of media and page files 253 * 254 * @param string $folder an already converted filesystem folder of the current namespace 255 * @param string $limit limit the search to this folder 256 */ 257 function _get_tree($folder,$limit=''){ 258 global $conf; 259 260 // read tree structure from pages and media 261 $data = array(); 262 search($data,$conf['datadir'],'search_index',array('ns' => $folder),$limit); 263 $media = array(); 264 search($media,$conf['mediadir'],'search_index',array('ns' => $folder, 'nofiles' => true),$limit); 265 $data = array_merge($data,$media); 266 unset($media); 267 268 // combine by sorting and removing duplicates 269 usort($data,array($this,'_tree_sort')); 270 $count = count($data); 271 if($count>0) for($i=1; $i<$count; $i++){ 272 if($data[$i-1]['id'] == $data[$i]['id'] && $data[$i-1]['type'] == $data[$i]['type']) unset($data[$i]); 273 } 274 return $data; 275 } 276 277 /** 278 * usort callback 279 * 280 * Sorts the combined trees of media and page files 281 */ 282 function _tree_sort($a,$b){ 283 // handle the trivial cases first 284 if ($a['id'] == '') return -1; 285 if ($b['id'] == '') return 1; 286 // split up the id into parts 287 $a_ids = explode(':', $a['id']); 288 $b_ids = explode(':', $b['id']); 289 // now loop through the parts 290 while (count($a_ids) && count($b_ids)) { 291 // compare each level from upper to lower 292 // until a non-equal component is found 293 $cur_result = strcmp(array_shift($a_ids), array_shift($b_ids)); 294 if ($cur_result) { 295 // if one of the components is the last component and is a file 296 // and the other one is either of a deeper level or a directory, 297 // the file has to come after the deeper level or directory 298 if (empty($a_ids) && $a['type'] == 'f' && (count($b_ids) || $b['type'] == 'd')) return 1; 299 if (empty($b_ids) && $b['type'] == 'f' && (count($a_ids) || $a['type'] == 'd')) return -1; 300 return $cur_result; 301 } 302 } 303 // The two ids seem to be equal. One of them might however refer 304 // to a page, one to a namespace, the namespace needs to be first. 305 if (empty($a_ids) && empty($b_ids)) { 306 if ($a['type'] == $b['type']) return 0; 307 if ($a['type'] == 'f') return 1; 308 return -1; 309 } 310 // Now the empty part is either a page in the parent namespace 311 // that obviously needs to be after the namespace 312 // Or it is the namespace that contains the other part and should be 313 // before that other part. 314 if (empty($a_ids)) return ($a['type'] == 'd') ? -1 : 1; 315 if (empty($b_ids)) return ($b['type'] == 'd') ? 1 : -1; 316 } 317 318 /** 319 * Display the current ACL for selected where/who combination with 320 * selectors and modification form 321 * 322 * @author Andreas Gohr <andi@splitbrain.org> 323 */ 324 function _html_detail(){ 325 global $conf; 326 global $ID; 327 328 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 329 330 echo '<div id="acl__user">'; 331 echo $this->getLang('acl_perms').' '; 332 $inl = $this->_html_select(); 333 echo '<input type="text" name="acl_w" class="edit" value="'.(($inl)?'':hsc(ltrim($this->who,'@'))).'" />'.NL; 334 echo '<input type="submit" value="'.$this->getLang('btn_select').'" class="button" />'.NL; 335 echo '</div>'.NL; 336 337 echo '<div id="acl__info">'; 338 $this->_html_info(); 339 echo '</div>'; 340 341 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 342 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 343 echo '<input type="hidden" name="do" value="admin" />'.NL; 344 echo '<input type="hidden" name="page" value="acl" />'.NL; 345 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 346 echo '</div></form>'.NL; 347 } 348 349 /** 350 * Print infos and editor 351 */ 352 function _html_info(){ 353 global $ID; 354 355 if($this->who){ 356 $current = $this->_get_exact_perm(); 357 358 // explain current permissions 359 $this->_html_explain($current); 360 // load editor 361 $this->_html_acleditor($current); 362 }else{ 363 echo '<p>'; 364 if($this->ns){ 365 printf($this->getLang('p_choose_ns'),hsc($this->ns)); 366 }else{ 367 printf($this->getLang('p_choose_id'),hsc($ID)); 368 } 369 echo '</p>'; 370 371 echo $this->locale_xhtml('help'); 372 } 373 } 374 375 /** 376 * Display the ACL editor 377 * 378 * @author Andreas Gohr <andi@splitbrain.org> 379 */ 380 function _html_acleditor($current){ 381 global $lang; 382 383 echo '<fieldset>'; 384 if(is_null($current)){ 385 echo '<legend>'.$this->getLang('acl_new').'</legend>'; 386 }else{ 387 echo '<legend>'.$this->getLang('acl_mod').'</legend>'; 388 } 389 390 391 echo $this->_html_checkboxes($current,empty($this->ns),'acl'); 392 393 if(is_null($current)){ 394 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_save'].'" />'.NL; 395 }else{ 396 echo '<input type="submit" name="cmd[save]" class="button" value="'.$lang['btn_update'].'" />'.NL; 397 echo '<input type="submit" name="cmd[del]" class="button" value="'.$lang['btn_delete'].'" />'.NL; 398 } 399 400 echo '</fieldset>'; 401 } 402 403 /** 404 * Explain the currently set permissions in plain english/$lang 405 * 406 * @author Andreas Gohr <andi@splitbrain.org> 407 */ 408 function _html_explain($current){ 409 global $ID; 410 global $auth; 411 412 $who = $this->who; 413 $ns = $this->ns; 414 415 // prepare where to check 416 if($ns){ 417 if($ns == '*'){ 418 $check='*'; 419 }else{ 420 $check=$ns.':*'; 421 } 422 }else{ 423 $check = $ID; 424 } 425 426 // prepare who to check 427 if($who{0} == '@'){ 428 $user = ''; 429 $groups = array(ltrim($who,'@')); 430 }else{ 431 $user = $who; 432 $info = $auth->getUserData($user); 433 if($info === false){ 434 $groups = array(); 435 }else{ 436 $groups = $info['grps']; 437 } 438 } 439 440 // check the permissions 441 $perm = auth_aclcheck($check,$user,$groups); 442 443 // build array of named permissions 444 $names = array(); 445 if($perm){ 446 if($ns){ 447 if($perm >= AUTH_DELETE) $names[] = $this->getLang('acl_perm16'); 448 if($perm >= AUTH_UPLOAD) $names[] = $this->getLang('acl_perm8'); 449 if($perm >= AUTH_CREATE) $names[] = $this->getLang('acl_perm4'); 450 } 451 if($perm >= AUTH_EDIT) $names[] = $this->getLang('acl_perm2'); 452 if($perm >= AUTH_READ) $names[] = $this->getLang('acl_perm1'); 453 $names = array_reverse($names); 454 }else{ 455 $names[] = $this->getLang('acl_perm0'); 456 } 457 458 // print permission explanation 459 echo '<p>'; 460 if($user){ 461 if($ns){ 462 printf($this->getLang('p_user_ns'),hsc($who),hsc($ns),join(', ',$names)); 463 }else{ 464 printf($this->getLang('p_user_id'),hsc($who),hsc($ID),join(', ',$names)); 465 } 466 }else{ 467 if($ns){ 468 printf($this->getLang('p_group_ns'),hsc(ltrim($who,'@')),hsc($ns),join(', ',$names)); 469 }else{ 470 printf($this->getLang('p_group_id'),hsc(ltrim($who,'@')),hsc($ID),join(', ',$names)); 471 } 472 } 473 echo '</p>'; 474 475 // add note if admin 476 if($perm == AUTH_ADMIN){ 477 echo '<p>'.$this->getLang('p_isadmin').'</p>'; 478 }elseif(is_null($current)){ 479 echo '<p>'.$this->getLang('p_inherited').'</p>'; 480 } 481 } 482 483 484 /** 485 * Item formatter for the tree view 486 * 487 * User function for html_buildlist() 488 * 489 * @author Andreas Gohr <andi@splitbrain.org> 490 */ 491 function _html_list_acl($item){ 492 global $ID; 493 $ret = ''; 494 // what to display 495 if($item['label']){ 496 $base = $item['label']; 497 }else{ 498 $base = ':'.$item['id']; 499 $base = substr($base,strrpos($base,':')+1); 500 } 501 502 // highlight? 503 if( ($item['type']== $this->current_item['type'] && $item['id'] == $this->current_item['id'])) 504 $cl = ' cur'; 505 506 // namespace or page? 507 if($item['type']=='d'){ 508 if($item['open']){ 509 $img = DOKU_BASE.'lib/images/minus.gif'; 510 $alt = '−'; 511 }else{ 512 $img = DOKU_BASE.'lib/images/plus.gif'; 513 $alt = '+'; 514 } 515 $ret .= '<img src="'.$img.'" alt="'.$alt.'" />'; 516 $ret .= '<a href="'.wl('',$this->_get_opts(array('ns'=>$item['id'],'sectok'=>getSecurityToken()))).'" class="idx_dir'.$cl.'">'; 517 $ret .= $base; 518 $ret .= '</a>'; 519 }else{ 520 $ret .= '<a href="'.wl('',$this->_get_opts(array('id'=>$item['id'],'ns'=>'','sectok'=>getSecurityToken()))).'" class="wikilink1'.$cl.'">'; 521 $ret .= noNS($item['id']); 522 $ret .= '</a>'; 523 } 524 return $ret; 525 } 526 527 528 function _html_li_acl($item){ 529 return '<li class="level' . $item['level'] . ' ' . 530 ($item['open'] ? 'open' : 'closed') . '">'; 531 } 532 533 534 /** 535 * Get current ACL settings as multidim array 536 * 537 * @author Andreas Gohr <andi@splitbrain.org> 538 */ 539 function _init_acl_config(){ 540 global $AUTH_ACL; 541 global $conf; 542 $acl_config=array(); 543 $usersgroups = array(); 544 545 // get special users and groups 546 $this->specials[] = '@ALL'; 547 $this->specials[] = '@'.$conf['defaultgroup']; 548 if($conf['manager'] != '!!not set!!'){ 549 $this->specials = array_merge($this->specials, 550 array_map('trim', 551 explode(',',$conf['manager']))); 552 } 553 $this->specials = array_filter($this->specials); 554 $this->specials = array_unique($this->specials); 555 sort($this->specials); 556 557 foreach($AUTH_ACL as $line){ 558 $line = trim(preg_replace('/#.*$/','',$line)); //ignore comments 559 if(!$line) continue; 560 561 $acl = preg_split('/\s+/',$line); 562 //0 is pagename, 1 is user, 2 is acl 563 564 $acl[1] = rawurldecode($acl[1]); 565 $acl_config[$acl[0]][$acl[1]] = $acl[2]; 566 567 // store non-special users and groups for later selection dialog 568 $ug = $acl[1]; 569 if(in_array($ug,$this->specials)) continue; 570 $usersgroups[] = $ug; 571 } 572 573 $usersgroups = array_unique($usersgroups); 574 sort($usersgroups); 575 ksort($acl_config); 576 577 $this->acl = $acl_config; 578 $this->usersgroups = $usersgroups; 579 } 580 581 /** 582 * Display all currently set permissions in a table 583 * 584 * @author Andreas Gohr <andi@splitbrain.org> 585 */ 586 function _html_table(){ 587 global $lang; 588 global $ID; 589 590 echo '<form action="'.wl().'" method="post" accept-charset="utf-8"><div class="no">'.NL; 591 if($this->ns){ 592 echo '<input type="hidden" name="ns" value="'.hsc($this->ns).'" />'.NL; 593 }else{ 594 echo '<input type="hidden" name="id" value="'.hsc($ID).'" />'.NL; 595 } 596 echo '<input type="hidden" name="acl_w" value="'.hsc($this->who).'" />'.NL; 597 echo '<input type="hidden" name="do" value="admin" />'.NL; 598 echo '<input type="hidden" name="page" value="acl" />'.NL; 599 echo '<input type="hidden" name="sectok" value="'.getSecurityToken().'" />'.NL; 600 echo '<table class="inline">'; 601 echo '<tr>'; 602 echo '<th>'.$this->getLang('where').'</th>'; 603 echo '<th>'.$this->getLang('who').'</th>'; 604 echo '<th>'.$this->getLang('perm').'<sup><a id="fnt__1" class="fn_top" name="fnt__1" href="#fn__1">1)</a></sup></th>'; 605 echo '<th>'.$lang['btn_delete'].'</th>'; 606 echo '</tr>'; 607 foreach($this->acl as $where => $set){ 608 foreach($set as $who => $perm){ 609 echo '<tr>'; 610 echo '<td>'; 611 if(substr($where,-1) == '*'){ 612 echo '<span class="aclns">'.hsc($where).'</span>'; 613 $ispage = false; 614 }else{ 615 echo '<span class="aclpage">'.hsc($where).'</span>'; 616 $ispage = true; 617 } 618 echo '</td>'; 619 620 echo '<td>'; 621 if($who{0} == '@'){ 622 echo '<span class="aclgroup">'.hsc($who).'</span>'; 623 }else{ 624 echo '<span class="acluser">'.hsc($who).'</span>'; 625 } 626 echo '</td>'; 627 628 echo '<td>'; 629 echo $this->_html_checkboxes($perm,$ispage,'acl['.$where.']['.$who.']'); 630 echo '</td>'; 631 632 echo '<td align="center">'; 633 echo '<input type="checkbox" name="del['.hsc($where).'][]" value="'.hsc($who).'" />'; 634 echo '</td>'; 635 echo '</tr>'; 636 } 637 } 638 639 echo '<tr>'; 640 echo '<th align="right" colspan="4">'; 641 echo '<input type="submit" value="'.$lang['btn_update'].'" name="cmd[update]" class="button" />'; 642 echo '</th>'; 643 echo '</tr>'; 644 echo '</table>'; 645 echo '</div></form>'.NL; 646 } 647 648 649 /** 650 * Returns the permission which were set for exactly the given user/group 651 * and page/namespace. Returns null if no exact match is available 652 * 653 * @author Andreas Gohr <andi@splitbrain.org> 654 */ 655 function _get_exact_perm(){ 656 global $ID; 657 if($this->ns){ 658 if($this->ns == '*'){ 659 $check = '*'; 660 }else{ 661 $check = $this->ns.':*'; 662 } 663 }else{ 664 $check = $ID; 665 } 666 667 if(isset($this->acl[$check][$this->who])){ 668 return $this->acl[$check][$this->who]; 669 }else{ 670 return null; 671 } 672 } 673 674 /** 675 * adds new acl-entry to conf/acl.auth.php 676 * 677 * @author Frank Schubert <frank@schokilade.de> 678 */ 679 function _acl_add($acl_scope, $acl_user, $acl_level){ 680 global $config_cascade; 681 $acl_config = file_get_contents($config_cascade['acl']['default']); 682 $acl_user = auth_nameencode($acl_user,true); 683 684 // max level for pagenames is edit 685 if(strpos($acl_scope,'*') === false) { 686 if($acl_level > AUTH_EDIT) $acl_level = AUTH_EDIT; 687 } 688 689 690 $new_acl = "$acl_scope\t$acl_user\t$acl_level\n"; 691 692 $new_config = $acl_config.$new_acl; 693 694 return io_saveFile($config_cascade['acl']['default'], $new_config); 695 } 696 697 /** 698 * remove acl-entry from conf/acl.auth.php 699 * 700 * @author Frank Schubert <frank@schokilade.de> 701 */ 702 function _acl_del($acl_scope, $acl_user){ 703 global $config_cascade; 704 $acl_config = file($config_cascade['acl']['default']); 705 $acl_user = auth_nameencode($acl_user,true); 706 707 $acl_pattern = '^'.preg_quote($acl_scope,'/').'\s+'.$acl_user.'\s+[0-8].*$'; 708 709 // save all non!-matching 710 $new_config = preg_grep("/$acl_pattern/", $acl_config, PREG_GREP_INVERT); 711 712 return io_saveFile($config_cascade['acl']['default'], join('',$new_config)); 713 } 714 715 /** 716 * print the permission radio boxes 717 * 718 * @author Frank Schubert <frank@schokilade.de> 719 * @author Andreas Gohr <andi@splitbrain.org> 720 */ 721 function _html_checkboxes($setperm,$ispage,$name){ 722 global $lang; 723 724 static $label = 0; //number labels 725 $ret = ''; 726 727 if($ispage && $setperm > AUTH_EDIT) $perm = AUTH_EDIT; 728 729 foreach(array(AUTH_NONE,AUTH_READ,AUTH_EDIT,AUTH_CREATE,AUTH_UPLOAD,AUTH_DELETE) as $perm){ 730 $label += 1; 731 732 //general checkbox attributes 733 $atts = array( 'type' => 'radio', 734 'id' => 'pbox'.$label, 735 'name' => $name, 736 'value' => $perm ); 737 //dynamic attributes 738 if(!is_null($setperm) && $setperm == $perm) $atts['checked'] = 'checked'; 739 if($ispage && $perm > AUTH_EDIT){ 740 $atts['disabled'] = 'disabled'; 741 $class = ' class="disabled"'; 742 }else{ 743 $class = ''; 744 } 745 746 //build code 747 $ret .= '<label for="pbox'.$label.'" title="'.$this->getLang('acl_perm'.$perm).'"'.$class.'>'; 748 $ret .= '<input '.buildAttributes($atts).' /> '; 749 $ret .= $this->getLang('acl_perm'.$perm); 750 $ret .= '</label>'.NL; 751 } 752 return $ret; 753 } 754 755 /** 756 * Print a user/group selector (reusing already used users and groups) 757 * 758 * @author Andreas Gohr <andi@splitbrain.org> 759 */ 760 function _html_select(){ 761 global $conf; 762 $inlist = false; 763 764 if($this->who && 765 !in_array($this->who,$this->usersgroups) && 766 !in_array($this->who,$this->specials)){ 767 768 if($this->who{0} == '@'){ 769 $gsel = ' selected="selected"'; 770 }else{ 771 $usel = ' selected="selected"'; 772 } 773 }else{ 774 $usel = ''; 775 $gsel = ''; 776 $inlist = true; 777 } 778 779 780 echo '<select name="acl_t" class="edit">'.NL; 781 echo ' <option value="__g__" class="aclgroup"'.$gsel.'>'.$this->getLang('acl_group').':</option>'.NL; 782 echo ' <option value="__u__" class="acluser"'.$usel.'>'.$this->getLang('acl_user').':</option>'.NL; 783 if (!empty($this->specials)) { 784 echo ' <optgroup label=" ">'.NL; 785 foreach($this->specials as $ug){ 786 if($ug == $this->who){ 787 $sel = ' selected="selected"'; 788 $inlist = true; 789 }else{ 790 $sel = ''; 791 } 792 793 if($ug{0} == '@'){ 794 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 795 }else{ 796 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 797 } 798 } 799 echo ' </optgroup>'.NL; 800 } 801 if (!empty($this->usersgroups)) { 802 echo ' <optgroup label=" ">'.NL; 803 foreach($this->usersgroups as $ug){ 804 if($ug == $this->who){ 805 $sel = ' selected="selected"'; 806 $inlist = true; 807 }else{ 808 $sel = ''; 809 } 810 811 if($ug{0} == '@'){ 812 echo ' <option value="'.hsc($ug).'" class="aclgroup"'.$sel.'>'.hsc($ug).'</option>'.NL; 813 }else{ 814 echo ' <option value="'.hsc($ug).'" class="acluser"'.$sel.'>'.hsc($ug).'</option>'.NL; 815 } 816 } 817 echo ' </optgroup>'.NL; 818 } 819 echo '</select>'.NL; 820 return $inlist; 821 } 822} 823
